In the Department of Defense (DoD) community, security policies govern the protection and handling of classified information. These policies can be found in such documented procedures as the DoD Information Technology Security Certification & Accreditation Process (DITSCAP) and the Director of Central Intelligence Directive (DCID) 6/3. Specifically, policies exist that govern the methods by which sensitive electronic data can be transferred between computer systems at dissimilar classification levels (also known as reclassification). Trusted operating systems that use an enhanced data access control system (like Trusted Solaris or Trusted Linux) electronically “tag” data with a classification label, sometimes referred to as a classification level. (The terms “level” and “label” will be used interchangeably herein.) This label is used to control access to data and files, limiting access to only those users specifically authorized. The process of raising the classification level of a document is known as upgrading, while the process of lowering the classification level of a document is known as downgrading. When downgrading the classification level of a document, the Defense Intelligence Agency (DIA) mandates a reliable, multi-person review process requiring two people to review data prior to downgrade. However, the DIA's method is normally a time-consuming manual process in which the electronic computer data is transferred by the first reviewer to the second reviewer. Such a multi-person manual review process has proven to be problematic in that it has been difficult to enforce, or to provide a record, that a two-person review has occurred.
Prior art manual relabeling processes are further limited in that a user could only relabel one file to one label or level at a time. Prior art Dirty Word Search mechanisms are not very efficient and do not find as many embedded dirty words as they should while also minimizing reports of false positives. Moreover, mechanisms for identifying file types have generally been limited to one check and do not provide a high level of confidence that the file type will be identified correctly. The visual displays of the prior art relabeling processes also have not presented information or choices clearly and efficiently for the user. An improved, automated process is desired.
A technique for automating the enforcement and auditing of a multi-person review process is desired that addresses the limitations of the prior art while providing a reliable mechanism for the reclassification of electronic computer data. Preferably, such a technique will work in conjunction with a trusted operating system to provide a convenient, configurable, and secure process for document/data reclassification and transfer, while satisfying the strict government policies and procedures. The present invention addresses these needs in the art.